Security News
BlueNoroff, a subcluster of the notorious Lazarus Group, has been observed adopting new techniques into its playbook that enable it to bypass Windows Mark of the Web protections. "BlueNoroff created numerous fake domains impersonating venture capital companies and banks," security researcher Seongsu Park said, adding the new attack procedure was flagged in its telemetry in September 2022.
We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.
When we woke up this morning, our cybersecurity infofeed was awash with "News" that Apple had just patched a security hole variously described a "Gnarly bug", a "Critical flaw" that could leave your Macs "Defenceless", and the "Achilles' heel of macOS". This isn't a new bug, it's just some new information about a bug that Apple fixed last week.
Mandiant is reporting on a trojaned Windows installer that targets Ukrainian users. Mandiant uncovered a socially engineered supply chain operation focused on Ukrainian government entities that leveraged trojanized ISO files masquerading as legitimate Windows 10 Operating System installers.
Some users running Windows 10 who installed the KB5021233 cumulative update this month are seeing their operating system crash with the Blue Screen of Death, Microsoft is warning. In an entry over the weekend in its Windows Health Dashboard, the company wrote that the update might cause "a mismatch between the file versions of hidparse.sys in c:/windows/system32 and c:/windows/system32/drivers, which might cause signature validation to fail when cleanup occurs."
Microsoft has confirmed that Windows Update won't offer optional updates in December, with the software giant only focusing on security updates due to the holiday season. That means Windows 10 and all supported versions of Windows 11, including Server versions, and even Windows 8, won't get additional updates this month.
Microsoft has confirmed that Windows Update won't offer optional updates in December, with the software giant only focusing on security updates due to the holiday season. That means Windows 10 and all supported versions of Windows 11, including Server versions, and even Windows 8, won't get additional updates this month.
Microsoft says that Windows 10 updates released in late September are causing Windows taskbar flicker issues and app instability. "After installing updates released September 20, 2022 or later, taskbar elements might flicker and cause system instability," Microsoft said in a new issue added to the Windows health dashboard on Friday.
A new cross-platform malware botnet named 'MCCrash' is infecting Windows, Linux, and IoT devices to conduct distributed denial of service attacks on Minecraft servers. "Our analysis of the DDoS botnet revealed functionalities specifically designed to target private Minecraft Java servers using crafted packets, most likely as a service sold on forums or darknet sites," explains the new report by Microsoft.
Government entities in Ukraine have been breached as part of a new campaign that leveraged trojanized versions of Windows 10 installer files to conduct post-exploitation activities. Mandiant, which discovered the supply chain attack around mid-July 2022, said the malicious ISO files were distributed via Ukrainian- and Russian-language Torrent websites.